package com.csd.interceptor;

import javax.servlet.http.HttpSession;

import org.apache.struts2.ServletActionContext;

import com.csd.helper.ActionResult;
import com.csd.helper.IConstant;
import com.csd.vo.UserVO;
import com.opensymphony.xwork2.ActionInvocation;
import com.opensymphony.xwork2.interceptor.Interceptor;

/**
 * 
 * Interceptor：角色拦截器
 * @author csd
 * @version 1.0
 * 
 * <br> 修订时间：2010-1-7
 * <br> 修改原因：创建文件
 * <br> 修改人：刘世彬
 * 
 * <br> 
 * 
 */
public abstract class RoleInterceptor implements Interceptor{
	protected String role;
	
	public void destroy() {
		// TODO Auto-generated method stub
		
	}
	
	public void init() {
		// TODO Auto-generated method stub
		
	}

	/***
	 * 拦截权限不够的用户
	 * 在部署时，初始各包对应拦截器，
	 * 在访问时，从session中取出角色与当前拦截器的角色匹配
	 */
	public String intercept(ActionInvocation invoker) throws Exception {
		HttpSession session = ServletActionContext.getRequest().getSession();
		if(session != null)
		{
			Object userVO = session.getAttribute(IConstant.userVO);
			if(userVO != null && userVO instanceof UserVO)
			{
				String role = ((UserVO)userVO).getType();
				if(this.role.equals(role))
				{
					return invoker.invoke();
				}
			}
		}	
		
		return ActionResult.noPermission;
	}
}
